New-OrganizationSegment
This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the New-OrganizationSegment cmdlet to create organization segments for use with information barrier policies in the Microsoft Purview compliance portal. Organization Segments are not in effect until you apply information barrier policies.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
New-OrganizationSegment
[-Name] <String>
-UserGroupFilter <String>
[-Confirm]
[-WhatIf]
[<CommonParameters>] Description
For more information about the filterable attributes that you can use to define segments, see Attributes for information barrier policies.
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
New-OrganizationSegment -Name "HR" -UserGroupFilter "Department -eq 'HR'"In this example, a segment called HR is defined using HR, a value in the Department attribute.
Example 2
New-OrganizationSegment -Name "NotSales" -UserGroupFilter "Department -ne 'Sales'"In this example, we defined a segment called NotSales that includes everyone who is not in Sales. The "-ne" portion of the cmdlet refers to "not equals."
Example 3
New-OrganizationSegment -Name "LocalFTE" -UserGroupFilter "Location -eq 'Local' -and Position -ne 'Temporary'"In this example, we defined a segment called LocalFTE that includes people who are locally located and whose positions are not listed as Temporary.
Parameters
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Name
The Name parameter specifies the unique name for the organization segment. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-UserGroupFilter
The UserGroupFilter parameter uses OPATH filter syntax to specify the members of the organization segment. The syntax is "Property -ComparisonOperator 'Value'" (for example, "MemberOf -eq 'Engineering Department'" or "ExtensionAttribute1 -eq 'DayTrader'").
- Enclose the whole OPATH filter in double quotation marks " ". If the filter contains system values (for example,
$true,$false, or$null), use single quotation marks ' ' instead. Although this parameter is a string (not a system block), you can also use braces { }, but only if the filter doesn't contain variables. - Property is a filterable property. For more information, see Attributes for information barrier policies.
- ComparisonOperator is an OPATH comparison operator (for example
-eqfor equals and-likefor string comparison). For more information about comparison operators, see about_Comparison_Operators. - Value is the property value to search for. Enclose text values and variables in single quotation marks (
'Value'or'$Variable'). If a variable value contains single quotation marks, you need to identify (escape) the single quotation marks to expand the variable correctly. For example, instead of'$User', use'$($User -Replace "'","''")'. Don't enclose integers or system values in quotation marks (for example, use500,$true,$false, or$nullinstead).
For detailed information about OPATH filters in Exchange, see Additional OPATH syntax information.
Use the same property for all of your segments, and verify that your segments don't overlap (a user must be assigned to only one segment).
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-WhatIf
The WhatIf switch doesn't work in Security & Compliance PowerShell.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
Related Links
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for